Change search
CiteExportLink to record
Permanent link

Direct link
Cite
Citation style
  • apa
  • ieee
  • modern-language-association-8th-edition
  • vancouver
  • Other style
More styles
Language
  • de-DE
  • en-GB
  • en-US
  • fi-FI
  • nn-NO
  • nn-NB
  • sv-SE
  • Other locale
More languages
Output format
  • html
  • text
  • asciidoc
  • rtf
A Socio-Technical Framework for Threat Modeling A Software Supply Chain
Stockholm University, Faculty of Social Sciences, Department of Computer and Systems Sciences.
Stockholm University, Faculty of Social Sciences, Department of Computer and Systems Sciences.
2013 (English)In: The 2013 Dewald Roode Workshop on Information Systems Security Research, IFIP WG8.11/WG11.13: Conference Proceedings / [ed] Anthony Vance, International Federation for Information Processing, 2013Conference paper, Published paper (Refereed)
Abstract [en]

In this paper we suggest a possible threat modeling approach for software supply chain. A Socio-technical approach is discussed and applied for modeling software supply chain security based on a case study of Swedish armed forces (SWAF). First we review current practices and theories for threat modeling of software supply chain. Then we suggest the application of a socio-technical framework for studying software supply chain security problem from a systemic viewpoint. Afterward we propose a step-by-step approach for threat modeling including modeling the target system, identifying threats and analyzing countermeasures. We also present a Delphi groups validation of the socio-technical framework.

Place, publisher, year, edition, pages
International Federation for Information Processing, 2013.
Keyword [en]
Threat modeling, software supply chain, socio-technical framework, social-technical approach
National Category
Information Systems
Research subject
Computer and Systems Sciences
Identifiers
URN: urn:nbn:se:su:diva-97703OAI: oai:DiVA.org:su-97703DiVA: diva2:679933
Conference
The 2013 Dewald Roode Workshop on Information Systems Security Research, October 4-5, 2013, Niagara Falls, New York, USA
Available from: 2013-12-17 Created: 2013-12-17 Last updated: 2013-12-19Bibliographically approved

Open Access in DiVA

No full text

Search in DiVA

By author/editor
Kowalski, Stewart
By organisation
Department of Computer and Systems Sciences
Information Systems

Search outside of DiVA

GoogleGoogle Scholar

urn-nbn

Altmetric score

urn-nbn
Total: 6546 hits
CiteExportLink to record
Permanent link

Direct link
Cite
Citation style
  • apa
  • ieee
  • modern-language-association-8th-edition
  • vancouver
  • Other style
More styles
Language
  • de-DE
  • en-GB
  • en-US
  • fi-FI
  • nn-NO
  • nn-NB
  • sv-SE
  • Other locale
More languages
Output format
  • html
  • text
  • asciidoc
  • rtf